1. Home
  2. CVE Database
  3. CVE-2011-1653
HIGH · 10.0

CVE-2011-1653

Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involvin...

Vulnerability Description

Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the (1) UnAssignFunctionalRoles, (2) UnassignAdminRoles, (3) DeleteFilter, (4) NonAssignedUserList, (5) DeleteReportLayout, (6) DeleteReports, and (7) RegenerateReport stored procedures.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
BroadcomTotal Defenser12

Related Weaknesses (CWE)

CWE-89

References

FAQ

What is CVE-2011-1653?

CVE-2011-1653 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involvin...

How severe is CVE-2011-1653?

CVE-2011-1653 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-1653?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Total Defense.